AMENDMENTS TO THE CLAIMS

1. (Currently amended) A method of registering a non-configured network device in a telecommunications network, the method comprising the computer-implemented steps of:

receiving a message from a first non-configured network packet routing device that requests network services;

authenticating the first device based on a longer-lived symmetric key received from the first device;

generating and providing a shorter-lived symmetric key to the first device based on authenticating the longer-lived symmetric key;

receiving a request from a second network packet routing device to obtain a session key for secure communications between the second device and the first device, based on authenticating the shorter-lived symmetric key, wherein the request includes the shorter-lived symmetric key of the first device;

generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service; and

registering the first device in the network at a trusted device registration service;

authenticating the first device to the trusted device registration service; and

providing trusted information to the trusted device registration service that certifies the first device as a known device within a security realm; and

providing information identifying the device registration service to the first device for use in obtaining the longer-lived symmetric key.

2. (Original) A method as recited in Claim 1, wherein the shorter-lived symmetric key is encapsulated in a ticket that includes data identifying a specified lifetime of the shorter-lived symmetric key.

3. (Original) A method as recited in Claim 1, further comprising the steps of receiving, at the second device, a request from the first device to obtain a session key on behalf of both the first device and second device, wherein the request includes the shorter-lived symmetric key of the first device.

4. (Original) A method as recited in Claim 1, wherein the subsequent secure communications comprise successive symmetric encryption and decryption operations using the symmetric session key, and wherein the first device and second device carry out the subsequent secure communications without contact with a key management service or registration service.

5. (Original) A method as recited in Claim 1, further comprising the steps of:

receiving a request from a first device that wishes to communicate securely with a second device to register with a trusted registration service;

authenticating the first device; and

in response to authenticating the first device, providing a longer-lived symmetric key to the first device.

6. (Canceled).

7. (Canceled).

8. (Currently amended) A method of distributing cryptographic keys in a network, the method comprising the computer-implemented steps of:

providing a registration service identifier that identifies an administrative entity to a first network packet routing device and providing a unique identifier of the first device to the administrative entity;

associating a device private key in a secure data repository that is accessible by the administrative entity;

establishing a longer-lived symmetric key for the first device;

authenticating the first device based on receiving the longer-lived symmetric key from the first device;

generating and providing a short-term symmetric key to the first device based on authenticating the longer-lived symmetric key;

receiving a request from a second network packet routing device to obtain a session key for secure communications among the second device and the first device, based on authenticating the short-term symmetric key, wherein the request includes the short-term symmetric key of the first device; and

generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service;

registering the first device in the network at a trusted device registration service;

authenticating the first device to the trusted device registration service; and

generating trusted information for the trusted device registration service that certifies the first device as a known device within a security realm; and

generating information identifying the device registration service to the first device for use in obtaining the longer-lived symmetric key.

9. (Original) A method as recited in Claim 8, wherein the step of associating a device private key with a data repository comprises the steps of generating a public key pair comprising a device public key and a device private key and storing the device private key in a database or directory that is accessible to the administrative entity.

10. (Original) A method as recited in Claim 8, wherein the step of associating a device private key with a data repository comprises the steps of generating a public key pair comprising a device public key and a device private key and registering the device private key with a certification authority that is accessible to the administrative entity.

11. (Canceled).

12. (Canceled).
13. (Currently amended) A method as recited in Claim 8, wherein generating trusted information [[that provides assurance to a]] for the trusted registration service [[that the first device is a certified device]] comprises the steps of creating and storing an association of a unique identifier of the first device and the device public key in a secure database that is accessible to the registration service, and providing the unique identifier from the first device to the registration service.

14. (Original) A method as recited in Claim 9, wherein establishing a longer-lived symmetric key comprises the steps of:

generating the longer-lived symmetric key;

encrypting the longer-lived symmetric key using the device public key;

encapsulating the encrypted longer-lived symmetric key in a device registration ticket; and

sending the device registration ticket to the device.

15. (Original) A method as recited in Claim 14, wherein encapsulating the encrypted key comprises encapsulating the encrypted longer-lived symmetric key with policy information in the device registration ticket, wherein the policy information defines a validity interval of the encrypted longer-lived symmetric key.

16. (Original) A method as recited in Claim 8, wherein generating and providing a short-term symmetric key to the first device includes the steps of encapsulating the short-term symmetric key in a short-term ticket granting ticket with associated policy information.

17. (Original) A method as recited in Claim 8, wherein the step of receiving a request from a second device to obtain a session key for secure communications among the second device and the first device comprises the steps of:

receiving a first short-term ticket granting ticket that includes the short-term symmetric key of the first device;

receiving a second short-term ticket granting ticket that includes the short-term symmetric key of the second device;

decrypting the first and second short-term ticket granting tickets based on respective first and second shared secret keys;

authenticating the short-term symmetric keys of the first device and second device based on the respective first and second shared secret keys; and

generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service.

18. (Currently amended) A method of establishing secure cryptographic peer-to-peer communication between a first network packet routing device and a second network packet routing device in a network, the method comprising the computer-implemented steps of:

providing a unique identifier of the first device and receiving, in response, [[providing]] a registration service identifier that identifies an administrative entity to the first device;

creating and storing a device private key in a secure data repository that is accessible by the administrative entity;

receiving a longer-lived symmetric key for the first device;

authenticating the first device to a key management server using the longer-lived symmetric key of the first device;

receiving a short-term symmetric key from the key management server, based on authenticating the longer-lived symmetric key;

generating a request to a second device to obtain a session key for secure communications among the second device and the first device, based on authenticating the short-term symmetric key, wherein the request includes the short-term symmetric key of the first device; and

receiving a symmetric session key from the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service;

providing information to a registration service that provides assurance that the first device is a certified device;

authenticating the first device to the registration service;

generating information that provides assurance to a registration service that the first device is a certified device; and

authenticating the first device to the registration service by sending a first message from the first device to the registration service that is encrypted using the device public key.

19. (Original) A method as recited in Claim 18, wherein the steps of creating and storing a device private key with a data repository comprise the steps of generating a public key pair comprising a device public key and a device private key and storing the device private key in a database or directory that is accessible to the administrative entity.

20. (Original) A method as recited in Claim 18, wherein the steps of creating and storing a device private key with a data repository comprise the steps of generating a public key pair comprising a device public key and a device private key and registering the device private key with a certification authority that is accessible to the administrative entity.

21. (Canceled.)

22. (Canceled.)

23. (Currently amended) A method as recited in Claim 18, wherein providing information to a registration service that the first device is a certified device comprises the steps of creating and storing an association of a unique identifier of the first device and the device public key in a secure database that is accessible to the registration service, and providing the unique identifier from the first device to the registration service.
24. (Original) A method as recited in Claim 19, wherein receiving a longer-lived symmetric key comprises the steps of receiving a device registration ticket that comprises the longer-lived symmetric key encrypted using the device public key.

25. (Original) A method as recited in Claim 24, wherein the encrypted longer-lived symmetric key is encapsulated in the device registration ticket with policy information that defines a validity interval of the encrypted longer-lived symmetric key.

26. (Original) A method as recited in Claim 18, wherein receiving the short-term symmetric key comprises the steps of receiving the short-term symmetric key in a short-term ticket granting ticket with associated policy information.

27. (Original) A method as recited in Claim 18, wherein the step of generating a request from a second device to obtain a session key for secure communications among the second device and the first device comprises the steps of generating a first short-term ticket granting ticket that includes the short-term symmetric key of the first device.

28. (Original) A method as recited in Claim 18, wherein the step of receiving a symmetric session key from the second device for use in subsequent secure peer-to-peer communications between the first device and the second device comprises receiving a shared service ticket that contains the symmetric session key.

29. (Original) A method as recited in Claim 28, further comprising the steps of:

generating an initial request for peer-to-peer secure communication, wherein the initial request is directed to the second device and includes the shared service ticket;

authenticating the second device based on the symmetric session key in the shared service ticket; and

communicating one or more messages to the second device using the symmetric session key to encrypt or decrypt the messages.
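As an added illustration that is not part of the claims or of the applicant's implementation, the following Python simulation walks through the exchange of claims 8, 14 to 17 and 29: a key management service registers two routers with longer-lived keys, issues each a short-term ticket granting ticket carrying a validity interval, mints a session key only after decrypting both tickets under the respective shared secrets, and the routers then communicate peer-to-peer without contacting it again. Two assumptions are made so it runs on the standard library alone: tickets are sealed with an HMAC-SHA256 keystream plus encrypt-then-MAC as a stand-in for a real cipher, and the public-key encryption of the registration ticket is omitted.

```python
import hashlib, hmac, json, secrets, time

def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode as a PRF keystream (stdlib stand-in for a real cipher)
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, ticket):
    # encrypt-then-MAC: nonce || ciphertext || tag
    pt = json.dumps(ticket).encode()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("ticket failed authentication")
    ticket = json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))
    if ticket["expires"] < time.time():  # policy information: validity interval (claim 15)
        raise ValueError("ticket expired")
    return ticket

class KeyManagementService:
    def __init__(self):
        self.long_lived = {}  # device id -> longer-lived key, the shared secret per device
    def register(self, device_id):
        self.long_lived[device_id] = secrets.token_bytes(32)
        return self.long_lived[device_id]
    def issue_tgt(self, device_id, presented_key, lifetime=300):
        # authenticate on the longer-lived key, then encapsulate a short-term key in a TGT
        if not hmac.compare_digest(presented_key, self.long_lived[device_id]):
            raise PermissionError("longer-lived key rejected")
        short = secrets.token_bytes(32)
        tgt = seal(self.long_lived[device_id],
                   {"dev": device_id, "key": short.hex(), "expires": time.time() + lifetime})
        return short, tgt
    def issue_session_key(self, requester, tgt_requester, peer, tgt_peer, lifetime=60):
        # claim 17: decrypt both TGTs with the respective shared secrets, then mint a session key
        t1 = unseal(self.long_lived[requester], tgt_requester)
        t2 = unseal(self.long_lived[peer], tgt_peer)
        if (t1["dev"], t2["dev"]) != (requester, peer):
            raise PermissionError("TGT does not belong to the named device")
        body = {"peers": [requester, peer], "key": secrets.token_bytes(32).hex(),
                "expires": time.time() + lifetime}
        # one shared service ticket per device, each sealed under that device's short-term key
        return seal(bytes.fromhex(t1["key"]), body), seal(bytes.fromhex(t2["key"]), body)

def peer_to_peer_demo():
    kms = KeyManagementService()
    k_a, k_b = kms.register("router-a"), kms.register("router-b")
    (short_a, tgt_a), (short_b, tgt_b) = kms.issue_tgt("router-a", k_a), kms.issue_tgt("router-b", k_b)
    for_b, for_a = kms.issue_session_key("router-b", tgt_b, "router-a", tgt_a)
    # from here on neither router contacts the KMS: each opens its own shared service ticket
    key_a, key_b = unseal(short_a, for_a)["key"], unseal(short_b, for_b)["key"]
    msg = seal(bytes.fromhex(key_a), {"hello": "from router-a", "expires": time.time() + 10})
    return key_a == key_b and unseal(bytes.fromhex(key_b), msg)["hello"] == "from router-a"
```

A tampered or expired ticket is rejected before its short-term key is ever used, which is the property the policy information in claims 15 and 16 exists to enforce.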
30. (Currently amended) A computer-readable medium carrying one or more sequences of instructions for distributing cryptographic keys in a network, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:

providing a registration service identifier that identifies an administrative entity to a first non-configured network packet routing device and providing a unique identifier of the first device to the administrative entity;

associating a device private key in a secure data repository that is accessible by the administrative entity;

establishing a longer-lived symmetric key for the first device;

authenticating the first device based on receiving the longer-lived symmetric key from the first device;

generating and providing a short-term symmetric key to the first device based on authenticating the longer-lived symmetric key;

receiving a request from a second network packet routing device to obtain a session key for secure communications among the second device and the first device, based on authenticating the short-term symmetric key, wherein the request includes the short-term symmetric key of the first device; and

generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service;

registering the first device in the network at a trusted device registration service;

means for authenticating the first device to the trusted device registration service; and

means for providing trusted information to the trusted device registration service that certifies the first device as a known device within a security realm; and

means for providing information identifying the device registration service to the first device for use in obtaining the longer-lived symmetric key.

31. (Currently amended) An apparatus for distributing cryptographic keys in a network, comprising:

means for providing a registration service identifier that identifies an administrative entity to a first non-configured network packet routing device and providing a unique identifier of the first device to the administrative entity;

means for associating a device private key in a secure data repository that is accessible by the administrative entity;

means for establishing a longer-lived symmetric key for the first device;

means for authenticating the first device based on receiving the longer-lived symmetric key from the first device;

means for generating and providing a short-term symmetric key to the first device based on authenticating the longer-lived symmetric key;

means for receiving a request from a second packet routing device to obtain a session key for secure communications among the second device and the first device, based on authenticating the short-term symmetric key, wherein the request includes the short-term symmetric key of the first device; and

means for generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication service;

means for registering the first device in the network at a trusted device registration service;

authenticating the first device to the trusted device registration service; and

providing trusted information to the trusted device registration service that certifies the first device as a known device within a security realm; and

providing information identifying the device registration service to the first device for use in obtaining the longer-lived symmetric key.

32. (Currently amended) An apparatus for distributing cryptographic keys in a data network, comprising:

a network interface that is coupled to the data network for receiving one or more packet flows therefrom;

a processor;

one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of:

    providing a registration service identifier that identifies an administrative entity to a first network packet routing device and providing a unique identifier of the first device to the administrative entity;

    associating a device private key in a secure data repository that is accessible by the administrative entity;

    establishing a longer-lived symmetric key for the first device;

    authenticating the first device based on receiving the longer-lived symmetric key from the first device;

    generating and providing a short-term symmetric key to the first device based on authenticating the longer-lived symmetric key;

    receiving a request from a second network packet routing device to obtain a session key for secure communications among the second device and the first device, based on authenticating the short-term symmetric key, wherein the request includes the short-term symmetric key of the first device; and

    generating and providing a symmetric session key to the second device for use in subsequent secure peer-to-peer communications between the first device and the second device without communication of either the first device or second device to a key management service or authoritative authentication;

    registering the first device in the network at a trusted device registration service;

    authenticating the first device to the trusted device registration service; and

    providing trusted information to the trusted device registration service that certifies the first device as a known device within a security realm; and

    providing information identifying the device registration service to the first device for use in obtaining the longer-lived symmetric key.